Orange Romania
February 24, 2025
•[ financial, hack, leak ]
In February 2025, the Romanian arm of telecommunications company Orange suffered a data breach which was subsequently published to a popular hacking forum. The data included 556k email addresses (of which hundreds of thousands were in the form of [phone number]@as1.romtelecom.net), phone numbers, subscription details, partial credit card data (type, last 4 digits, expiration date and issuing bank). The breach also exposed an extensive number of internal documents.
Undisclosed Malaysian educational institution
December 19, 2024
•[ financial, malware, education ]
Researchers from Trend Micro discover a Python-Based NodeStealer version targeting Facebook Ads Manager.
Individuals in South Korea
December 11, 2024
•[ financial, phishing, finance ]
A South Korean law enforcement operation, dubbed Operation Midas, and carried out by the Korean Financial Security Institute (K-FSI), takes down a large-scale fraud network that extorted $6.3m from victims with fake online trading platforms.
Luxottica Group
December 6, 2024
•[ financial, manufacturing ]
A cyber attack carried out by Nigerian threat actors hits Luxottica, diverting funds to foreign accounts.
Fota Wildlife Park
December 5, 2024
•[ financial, hack, leak ]
People who purchased tickets to visit Fota Wildlife Park in Cork, Ireland, are warned to cancel their bank cards following the discovery of a cyberattack that may have exposed the data on those cards.
Multiple Organizations in the Cryptocurrency Space
December 4, 2024
•[ financial, malware, finance ]
The legitimate Solana JavaScript SDK is temporarily compromised in a supply chain attack, backdoored with code to steal cryptocurrency keys and drain wallets.
Port of Rijeka
November 30, 2024
•[ ransomware, financial, leak ]
The 8Base ransomware group hits Croatias Port of Rijeka, stealing sensitive data, including contracts and accounting info.
Crypto users in Linkedin
November 22, 2024
•[ financial, social, finance ]
Researchers at Microsoft reveal that the North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period.
Grand Forks Public Schools
November 21, 2024
•[ financial, phishing, education ]
Grand Forks Public Schools loses $2.2M to a phishing scam
iLearningEngines
November 18, 2024
•[ financial, hack, technology ]
iLearningEngines, an artificial intelligence company, says that a threat actor breached its network and stole a $250,000 wire payment.
Thala
November 15, 2024
•[ financial, misconfiguration, finance ]
Thala reveals it had suffered a security breach due to an isolated vulnerability related to its v1 farming contracts, which allowed the attacker to withdraw liquidity tokens. The company is able to recover $25.5 million of liquidity pool tokens
DeltaPrime
November 11, 2024
•[ financial, finance ]
DeltaPrime, the decentralized finance borrowing protocol suffers a cyber attack with a loss of $4.8 million worth of crypto assets.
Hyp
November 10, 2024
•[ financial, ddos, finance ]
Devices used across Israel to read credit cards malfunction after a suspected DDoS targets the payment gateway company Hyps CreditGuard product.
Metawin
November 3, 2024
•[ financial, malware, technology ]
A threat actor steals over $4 million from crypto casino Metawin's Ethereum and Solana hot wallets
Individuals
October 31, 2024
•[ financial, phishing, retail ]
Researchers at Human reveal that more than 1,000 legitimate shopping sites have been compromised to promote fake product listings in a credit card phishing scheme dubbed Phish n Ships,
Crypto users
October 31, 2024
•[ financial, malware, finance ]
The popular LottieFiles Lotti-Player project is compromised in a supply chain attack to inject a crypto drainer into websites that steals visitors' cryptocurrency.
U.S. Government
October 24, 2024
•[ financial, government ]
A threat actor appears to have stolen approximately $20 million in stablecoins and ETH from wallets belonging to the U.S. Government.
Social
October 18, 2024
•[ financial, misconfiguration, finance ]
Tapioca DAO suffers a $4.5 million exploit after an attacker compromised its native token's vesting contract.
SelectBlinds
September 28, 2024
•[ financial, malware, retail ]
More than 200,000 who shopped for blinds or window dressing this year had their credit card information and other data stolen after threat actors placed malware on the website of SelectBlinds, a major retailer.
Bedrock
September 27, 2024
•[ financial, finance ]
Crypto liquid restaking protocol Bedrock loses roughly $2 million in a security exploit. In return, the attacker is offered the job of securing the very protocol it stole from.
